Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, system, gateway and network node implementing internet security protocol

A network node and security protocol technology, applied in the network field, can solve problems such as increasing processing time, affecting bandwidth utilization, increasing system complexity, etc., to achieve the effect of reducing system complexity and avoiding modification

Active Publication Date: 2011-12-21
HUAWEI DIGITAL TECH (CHENGDU) CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In the process of realizing the present invention, the inventor found that the prior art has at least the following disadvantages: a new Authentication Data algorithm has been introduced, and the standard algorithm has been modified, resulting in an increase in the complexity of the algorithm; The original IP header adopts different Authentication Data algorithms for different packets, which increases the processing time; adding NATPT-D payload in the main mode stage of IKE negotiation and discovering the existence of NAT-PT affects the utilization of bandwidth. Negotiation packets pass through NAT-PT using UDP encapsulation. The UDP source port of IKE packets may be modified, and the responder is required to be able to process IKE requests with port numbers other than "UDP500". Therefore, NATPT-OA encapsulation is adopted. But all these measures need to do additional processing on the standard IKE negotiation, which greatly increases the complexity of the system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, system, gateway and network node implementing internet security protocol
  • Method, system, gateway and network node implementing internet security protocol
  • Method, system, gateway and network node implementing internet security protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] In order to make the object, technical solution and advantages of the present invention clearer, the implementation manner of the present invention will be further described in detail below in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to explain the present invention, and are not intended to limit the present invention.

[0037] figure 1 It is a schematic structural diagram of a system embodiment implementing an Internet security protocol according to an embodiment of the present invention. figure 1 The system shown includes an Internet Protocol version 4 (IPv4) network node 13 , a NAT-PT gateway 12 and an Internet Protocol version 6 (IPv6) network node 11 . Adopt segmental Internet Security Protocol (IPSec) communication between IPv4 network node 13 and IPv6 network node 11, that is, respectively establish corresponding SA between NAT-PT gateway 12 and described IPv4 network node 13, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention embodiment relates to a method, a system, a gateway and a network node which implement the internet security protocol; the network address transformation NAT-PT network establishes SA respectively on the NAT-PT gateway and the network nodes on both ends of the NAT-PT gateway, and adopts the sectional IPSec so that the modification of the AH algorithm is avoided; the system complexity is reduced when the NAT-PT network implements the IPSec.

Description

technical field [0001] The invention relates to network technology, in particular to a method, system, NAT-PT gateway and network node for implementing Internet security protocols. Background technique [0002] With the rapid expansion of network scale, Internet Protocol version 4 (IPv4) cannot meet the needs of current and future network development due to factors such as too little address space and low security. With the rapid development of network technology, Internet Protocol version 6 (IPv6) appears. As an upgraded version of IPv4, IPv6 provides a huge address space and greatly enriches address resources. However, in view of the fact that IPv4 is a fairly mature technology with wide application and incomplete IPv6 technology and related equipment, it is impossible for the IPv6 network to completely replace the IPv4 network immediately, and it will take a long time to coexist with the IPv4 network to realize the transformation from IPv4 network to IPv6 Transition. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/56H04L29/12
Inventor 刘利锋
Owner HUAWEI DIGITAL TECH (CHENGDU) CO LTD